Running Fortify scan over multiple maven projects -
i have multiple projects bound single parent pom.
if run fortify scan on parent pom using maven fortify plugin, fpr files each project generated. have single fpr file being generated projects. possible ?
thanks , regards, saurav
what want aggregate build. try setting same build id each module , pass -dfortify.sca.toplevel.artifactid artifactid of parent pom. should give single fpr file. should like:
mvn clean mvn -dfortify.sca.buildid=acmeportal com.fortify.ps.maven.plugin:sca-maven-plugin:<version>:clean mvn -dfortify.sca.buildid=acmeportal package com.fortify.ps.maven.plugin:sca-maven-plugin:<version>:translate mvn -dfortify.sca.xmx=800m -dfortify.sca.buildid=acmeportal -dfortify.sca.toplevel.artifactid=acmeportal com.fortify.ps.maven.plugin:sca-maven-plugin:<version>:scan
Comments
Post a Comment